Merge ~chad.smith/ubuntu/+source/ubuntu-advantage-tools:pkg-upload-24.4 into ubuntu/+source/ubuntu-advantage-tools:ubuntu/devel
Status: | Needs review |
---|---|
Proposed branch: | ~chad.smith/ubuntu/+source/ubuntu-advantage-tools:pkg-upload-24.4 |
Merge into: | ubuntu/+source/ubuntu-advantage-tools:ubuntu/devel |
Diff against target: |
297 lines (+82/-35) 10 files modified
debian/changelog (+9/-0) uaclient/entitlements/cc.py (+0/-1) uaclient/entitlements/cis.py (+0/-1) uaclient/entitlements/fips.py (+14/-11) uaclient/entitlements/repo.py (+13/-1) uaclient/entitlements/tests/conftest.py (+11/-3) uaclient/entitlements/tests/test_cc.py (+1/-0) uaclient/entitlements/tests/test_cis.py (+1/-1) uaclient/entitlements/tests/test_fips.py (+32/-16) uaclient/version.py (+1/-1) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Bryce Harrington (community) | Approve | ||
Review via email: mp+390109@code.staging.launchpad.net |
Commit message
bug-fix-only release 24.4 for upload into groovy
cherry-
- Honor additionalPackages directives as provided by the contract server machine-token
Known issues still present:
tox -p auto will still exhibit a known upstream flake issue[3]
references:
[1] https:/
<- upstream commit which was backported, some part was inapplicable to release-24 branch
[2] https:/
[3] known upstream flake issue with tox https:/
Groovy package from this branch is available adding this PPA:
sudo add-apt-repository ppa:chad.
There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.
I've had a chance to study the code and think I understand it. I have a couple questions to clarify before approving. I also have several code suggestions but these are just code style so not required or expected for this upload, and provided just for future refactoring ideas if you wish.
### Questions ###
In cc.py and cis.py the packages data member is dropped, allowing these classes to rely on the base class' packages() property, which provides a list of packages from the configuration. fips.py does something similar but overrides the base packages() prop with its own, dropping the fips_packages dict. Two questions:
a. The old code specified two packages "ubuntu- commoncriteria" and "ubuntu- cisbenchmark- 16.04". My assumption is that these are going to be loaded out of a config file going forward? Guessing this is the "contract server" mentioned in bug 1173?
b. Is there a risk if a user already had a config file that did not have these values, of things breaking? Or do we 100% control the contract server and already have the required data in place?
### Code Suggestions (Optional) ###
1. I notice in the test cases, test_cc.py uses "ubuntu- commoncriteria" as its sample data, but test_cis.py uses "pkg1". Would it be more convenient to use "pkg1" in both cases, or alternatively use "ubuntu- cisbenchmark- 16.04" in test_cis.py
2. repo.py's packages() prop adds logic to lookup "entitlement" ->"directives" ->"additionalPa ckages" from the configuration and then return it, or an empty list if not found. It strikes me this might be a situation where the code would be clearer to just wrap in a try block:
try: entitlements[ self.name] ['entitlement' ]['directives' ]['additionalPa ckages' ]
return self.cfg.
except:
return []
3. The packages() prop in repo.py could use a bit more explanation in its code doc. E.g.:
def packages(self) -> "List[str]":
"""
Packages to install on enablement.
Returns the list of packages specified in the additionalPackages
directive, or an empty list if none were configured.
"""
4. fips.py's packages() prop has an interesting use of groupby (I had to look that up, wasn't familiar with it - nice). But as the logic here is a bit more sophisticated it would be worthwhile to give this packages() property its own code docs. For example, maybe something like:
@property
def packages(self) -> "List[str]":
"""
Packages to install on enablement.
Returns only packages from additionalPackages that are
either already installed or required for fips.
"""
5. Also in fips.py's packages() prop, the list assembler at the end could be shortened by combining the if statements since they have the same body:
for pkg_name, pkg_list in pkg_groups: required_ packages:
packages += pkg_list
if pkg_name in installed_packages + self.fips_